Read our steps on how to avoid fraudsters and the top five current threats.

Small business owners were among victims who reported spear phishing and whaling emails, where hackers target specific “big fish” people in a company.

The emails often include links to websites hosting malware or carrying malicious .pdf, .jar and .zip files. Don’t click on any links in unsolicited emails or from addresses you don’t recognise. NetSafe's website (external link) has tips on how to avoid email accounts being hacked.

Here are some other recent examples of scams reported last month:

As you can see from the list below , it’s very important to keep an eye out for any activity that looks a bit suspicious, such as unusual invoices, odd email addresses, demands for urgent payments or requests for you to log into websites.

Small business websites being cloned and used to recruit money mules via fake job adverts. A North Island agricultural equipment supplier found their site had been duplicated under a .uk domain and was being hosted in Russia.

Business email being compromised, with several companies finding the attackers had recently registered .nz domains very similar to their genuine URLs to increase the chance of staff processing payment requests. A total of $234K was lost through these scams in November.

A company in Christchurch handling earthquake payouts was among the victims with funds channeled to an NZ-based mule.

One small business owner reported that their website database had been hacked with scam emails sent to all customers. One customer lost $14,500. The business also reported that the hacker demanded a $50,000 (USD) ransom to not publish the compromised data online. NetSafe alerted the Police Cybercrime Unit about this and the business owner was told not to pay the ransom.

Connect Smart (external link), led by the government’s National Cyber Policy Office, has a toolkit for small businesses on how to protect your business online.